Vulnerability Database

289,599

Total vulnerabilities in the database

CVE-2013-2256

OpenStack Compute (Nova) before 2013.1.3 and Havana before havana-2 does not properly enforce the os-flavor-access:is_public property, which allows remote authenticated users to obtain sensitive information (flavor properties), boot arbitrary flavors, and possibly have other unspecified impacts by guessing the flavor id.

CVSS v2:

  • Severity: Medium
  • Score: 6
  • AV:N/AC:M/Au:S/C:P/I:P/A:P

CWEs:

Software From Fixed in
openstack / nova 2013.1 2013.1.3
openstack / nova 2013.2-milestone1 2013.2-milestone1.x
nova - 2013.1.3